Note: Ensure that your AD FS (in case of AD FS version 3.0 and 4.0) and CRM are on different domains for this configuration to work. For more information, read this Dynamics community post:Avoid using the same domain for ADFS and CRM.

Configuring a Relaying Party Trust in AD FS Server

Step

Description

Details

1

Log in to AD FS

Log in to the machine where the ADFS server installed and is integrated with your Microsoft Dynamics On-Premise CRM.

2

Go to ADF S Admin tab

Go to Administrative tools > AD FS Management.

3

Go to Relying Party Trusts

Under ADFS, Go to Trust Relationships > Relying Party Trusts.

4

Start adding a Trust

Click Add Relying Party Trust under "Actions" and click Start.

5

Select the 3rd Option

Select the Enter data about the relying party manually option, then click Next.

Enter claim rule name as Insideview and select Attribute store as Active Directory.

Select the following attributes as illustrated below in the LDAP Attribute (first column) and Outgoing Claim Type (second column) fields:

User-Principal-Name and UPN

Given-Name and Given Name

Surname for both field values

Note: The LDAP attribute that you can select can either be user-principal-name (UPN) or E-Mail addresses. The UPN or E-mail address attribute will be used as a username when you login via AD FS to InsideView.

Click Finish.

19

Apply

Click Apply and click OK.

20

Select the InsideView identifier

Select the relying party identifier "Insideview", which you just created, and then double click or select Properties under Actions menu. Click on the Endpoints tab, then click Add WS-Federation.